fidelitysecure.duckdns.org Open in urlscan Pro
147.182.232.99 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fidelitysecure.duckdns.org/Fidelity
Effective URL:
http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Submission: On November 19 via api (November 19th 2021, 1:55:11 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 89 HTTP transactions. The main IP is 147.182.232.99, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fidelitysecure.duckdns.org.

This is the only time fidelitysecure.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fidelity (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 4	147.182.232.99 147.182.232.99	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
19	91.235.133.67 91.235.133.67	30286 (THM) (THM)
3	184.86.251.7 184.86.251.7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
60	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.30.20.101 184.30.20.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
89	8

4 147.182.232.99 (Santa Clara, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

fidelitysecure.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 91.235.133.67 (United States)

ASN30286 (THM, US)

cfa.fidelity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.86.251.7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-7.deploy.static.akamaitechnologies.com

assets.fidelity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-101.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

5h8i3ud8z4geip3rk35pkq5po53l7yi23j6bhucl08c7909705690b3cam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	qualtrics.com zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com siteintercept.qualtrics.com sjc1.qualtrics.com	159 KB
22	fidelity.com cfa.fidelity.com assets.fidelity.com	300 KB
4	online-metrix.net 1 redirects h.online-metrix.net 5h8i3ud8z4geip3rk35pkq5po53l7yi23j6bhucl08c7909705690b3cam1.e.aa.online-metrix.net	16 KB
4	duckdns.org 2 redirects fidelitysecure.duckdns.org	46 KB
89	4

	Domain	Requested by
59	siteintercept.qualtrics.com	fidelitysecure.duckdns.org zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com siteintercept.qualtrics.com
19	cfa.fidelity.com	fidelitysecure.duckdns.org cfa.fidelity.com
4	fidelitysecure.duckdns.org	2 redirects fidelitysecure.duckdns.org
3	h.online-metrix.net	1 redirects cfa.fidelity.com
3	assets.fidelity.com	fidelitysecure.duckdns.org
2	sjc1.qualtrics.com	fidelitysecure.duckdns.org siteintercept.qualtrics.com
1	5h8i3ud8z4geip3rk35pkq5po53l7yi23j6bhucl08c7909705690b3cam1.e.aa.online-metrix.net
1	zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com	fidelitysecure.duckdns.org
89	8

This site contains links to these domains. Also see Links.

Domain
www.fidelity.com
login.fidelity.com
fps.fidelity.com
guest.fidelity.com
scs.fidelity.com

Subject Issuer	Validity	Valid
CFA.febtest.com Entrust Certification Authority - L1K	`2021-07-19` - `2022-08-18`	a year	crt.sh
dpcs.fidelity.com Entrust Certification Authority - L1M	`2021-04-13` - `2022-05-08`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Frame ID: 000031675F8AD8E40FF80466F5FD83D1
Requests: 72 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 71918B03564341D469EA655464C1F527
Requests: 3 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/check.js;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jb=343924266a7167773f4c6b667578246873673d4c6966757a2462736275354368726f6f6526687b603f436a7a6f6d672732383936
Frame ID: 8C4AD0FD315C3872328FDDFF8926C28E
Requests: 11 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 4AE06575E21370E6186DBA58C6193333
Requests: 3 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c
Frame ID: B3A40D1B875D868B5E1EE3D6FCFAC124
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c
Frame ID: EEF826B19375241FE360BEA27DF38496
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/top_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c
Frame ID: BB699DEA1407258771D09F0436D74690
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://fidelitysecure.duckdns.org/Fidelity HTTP 301
http://fidelitysecure.duckdns.org/Fidelity/ HTTP 302
http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753 Page URL

Page Statistics

89
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

8
IPs

3
Countries

519 kB
Transfer

1891 kB
Size

4
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fidelity.com/

Search URL Search Domain Scan URL

URL: https://login.fidelity.com/ftgw/pages/retail/html/include/RememberIDInfo.html
Title: Remember username

Search URL Search Domain Scan URL

URL: https://fps.fidelity.com/ftgw/Fps/Fidelity/RtlCust/Resolve/InitNUR
Title: Register Now

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/customer-service/need-help-logging-in
Title: Frequently Asked Questions

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/security/overview
Title: Online Security

Search URL Search Domain Scan URL

URL: https://login.fidelity.com/ftgw/Fas/Fidelity/CgfCust/Login/Init
Title: Log in to Fidelity CharitableSM

Search URL Search Domain Scan URL

URL: https://guest.fidelity.com/GA/profile
Title: Log in or sign up for Guest Access

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/open-account/overview
Title: Open an account

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/customer-service/nfs-statement-financial-condition
Title: National Financial Services LLC Statement of Financial Condition

Search URL Search Domain Scan URL

URL: https://scs.fidelity.com/webxpress/electronic_services_agreement.shtml
Title: Electronic Services Customer Agreement

Search URL Search Domain Scan URL

URL: https://scs.fidelity.com/webxpress/license_agreement.html
Title: License Agreement

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/sitemap/overview
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/accessibility/overview
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/terms-of-use#For
Title: This is for persons in the U.S. only.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fidelitysecure.duckdns.org/Fidelity HTTP 301
http://fidelitysecure.duckdns.org/Fidelity/ HTTP 302
http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode%3Derror-tryagain%26AuthRedUrl%3Dhttps%253A%252F%252Foltx.fidelity.com%252Fftgw%252Ffbc%252Fofsummary%252FdefaultPage%26AuthOrigUrl%3Dhttps%253A%252F%252Fscs.fidelity.com%252Fcustomeronly%252Fportfolio.shtml&t=1613578539608 HTTP 307
https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode%3Derror-tryagain%26AuthRedUrl%3Dhttps%253A%252F%252Foltx.fidelity.com%252Fftgw%252Ffbc%252Fofsummary%252FdefaultPage%26AuthOrigUrl%3Dhttps%253A%252F%252Fscs.fidelity.com%252Fcustomeronly%252Fportfolio.shtml&t=1613578539608

Request Chain 25

https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&k=2

89 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
fidelitysecure.duckdns.org/Fidelity/
Redirect Chain

http://fidelitysecure.duckdns.org/Fidelity
http://fidelitysecure.duckdns.org/Fidelity/
http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

45 KB
45 KB

177ms
177ms

Document
text/html

147.182.232.99
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Protocol: HTTP/1.1
Server: 147.182.232.99 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: ed45b866ae2d245825fdb7ddab7c553586a5feb1598f6fd4e916f0bdd4a5ca85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 19 Nov 2021 13:55:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 19 Nov 2021 13:55:06 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tags.js Show response
cfa.fidelity.com/fp/ 79 KB
11 KB 50ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/tags.js?org_id=5h8i3ud8&session_id=D021478374785EC619A50956785409DA

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

28fe12d33e400e7cba922a6b703ac7afb4eb6a7e2f453d09e5c2c55c68030ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found 45299d6b9a0ti190698a987b283a4a6e7
fidelitysecure.duckdns.org/staticweb/ 0
0 157ms
157ms Script
text/html 147.182.232.99
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://fidelitysecure.duckdns.org/staticweb/45299d6b9a0ti190698a987b283a4a6e7
Requested by: Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Protocol: HTTP/1.1
Server: 147.182.232.99 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 13:55:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 170c22b59d68deed748cc0b577f49a828d751cb5b201fabee8f5b2eb515d4998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 585 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39aac9dc37e49220013d6bfda6483629e9658764582168758db8cf4426b25db0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK FidelitySans-Regular.woff2
assets.fidelity.com/fonts/ 38 KB
39 KB 99ms
18ms Font
font/woff2 184.86.251.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fidelity.com/fonts/FidelitySans-Regular.woff2
Requested by: Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-7.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7a407e54294c6ef2fe14317f6653ff26f73749e20d8c8e53a4016f822a5024fe

Request headers

Referer: http://fidelitysecure.duckdns.org/
Origin: http://fidelitysecure.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cpgqIAHuy6FoHTLc0oJM1uJOyTbiLcLT
ETag: "cd5a50acd18c4f6fab4076cdc9133e9a"
x-amz-request-id: A2EAA73CF435DCE9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 38612
x-amz-id-2: wIpYDQcLK1dkygWVP3t6PkI/7ve0CdpYhBhOc4i36DcU7QbKSOBTEYC1SQr2l1wZrwO7lJF1z3o=
Last-Modified: Thu, 06 Dec 2018 21:21:15 GMT
Server: AmazonS3
Date: Fri, 19 Nov 2021 13:55:06 GMT
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-XSRF-TOKEN
Cache-Control: max-age=854
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: appid, appname, content-type, X-XSRF-TOKEN
Expires: Fri, 19 Nov 2021 14:09:20 GMT

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6dc80a145e5abd531738f66c8c38e48aa38205440f14772046df37e5605323a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK FidelitySans-Light.woff2
assets.fidelity.com/fonts/ 40 KB
41 KB 97ms
19ms Font
font/woff2 184.86.251.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fidelity.com/fonts/FidelitySans-Light.woff2
Requested by: Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-7.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7aa0292c8b5387df9165be7dec812d4636f0848f97093801e7c0d2d89d0ce62b

Request headers

Referer: http://fidelitysecure.duckdns.org/
Origin: http://fidelitysecure.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: rmoOPMlBTN4tSHbjfZXPBKRE8RWzeRcl
ETag: "fd6b0d7667a12e684bd5a0208f653f0e"
x-amz-request-id: QSCMG6SZEERKKW9W
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 40980
x-amz-id-2: vNRJCglVbannQtJxx2XqEBJtydDPYu8T7oNDAPyqfV9tYgR7YLuSGMb/sI7hid4dyyqDUPy5P28=
Last-Modified: Thu, 06 Dec 2018 21:21:19 GMT
Server: AmazonS3
Date: Fri, 19 Nov 2021 13:55:06 GMT
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-XSRF-TOKEN
Cache-Control: max-age=2607
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: appid, appname, content-type, X-XSRF-TOKEN
Expires: Fri, 19 Nov 2021 14:38:33 GMT

GET
H/1.1 200
OK FidelitySans-Bold.woff2
assets.fidelity.com/fonts/ 35 KB
36 KB 97ms
19ms Font
font/woff2 184.86.251.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fidelity.com/fonts/FidelitySans-Bold.woff2
Requested by: Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-7.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 67c80d56758cda1bb5bec77917aaf74c32006a0bc09a7dd164c556de2c754487

Request headers

Referer: http://fidelitysecure.duckdns.org/
Origin: http://fidelitysecure.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: CumvHJLSFkOz7Pue9MInRl2Za8_2YyXs
ETag: "60c67bd3120a745a1c4fcadd68d304c9"
x-amz-request-id: A9E7C65Y86N66STE
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 35812
x-amz-id-2: W4npIchuVCyAHITcXServo1AQUHKR9x65TH+dyl/WxW43Zfo1jEqwLeiPzEOnJGmvq4iu33D6VQ=
Last-Modified: Thu, 06 Dec 2018 21:21:16 GMT
Server: AmazonS3
Date: Fri, 19 Nov 2021 13:55:06 GMT
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-XSRF-TOKEN
Cache-Control: max-age=3157
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: appid, appname, content-type, X-XSRF-TOKEN
Expires: Fri, 19 Nov 2021 14:47:43 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b2ced9a0548a82ecb57df60ab6d1ca8ac7e7584f64f2b9e64cbf4ad0c3483a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2

200

/ Show response
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/
Redirect Chain

http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode%...
https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode...

7 KB
4 KB

59ms
36ms

Script
application/javascript

104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode%3Derror-tryagain%26AuthRedUrl%3Dhttps%253A%252F%252Foltx.fidelity.com%252Fftgw%252Ffbc%252Fofsummary%252FdefaultPage%26AuthOrigUrl%3Dhttps%253A%252F%252Fscs.fidelity.com%252Fcustomeronly%252Fportfolio.shtml&t=1613578539608

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2c022ab32baeb79d0fd1e7cfbb0efd41ba112e22b006cbb3fd39fcea8716ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129471
cf-polished: origSize=8435
cf-ray: 6b09ef309e624e31-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 19
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-vg0lxmn53Y7h/qImvdBnjVd6Erw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Location: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode%3Derror-tryagain%26AuthRedUrl%3Dhttps%253A%252F%252Foltx.fidelity.com%252Fftgw%252Ffbc%252Fofsummary%252FdefaultPage%26AuthOrigUrl%3Dhttps%253A%252F%252Fscs.fidelity.com%252Fcustomeronly%252Fportfolio.shtml&t=1613578539608
Non-Authoritative-Reason: HSTS

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 91 KB
29 KB 59ms
40ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.44.0&Q_CLIENTTYPE=web

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106068
cf-polished: origSize=94137
cf-ray: 6b09ef308810694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
last-modified: Wed, 10 Feb 2021 18:48:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"16fb9-1778d464668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
3 KB 48ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.44.0&Q_CLIENTTYPE=web

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a68d55d5edf25c0baea3cd150e155c1c64eadbdc52a44ec5f239b8f27e250c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77356
cf-polished: origSize=8463
cf-ray: 6b09ef308814694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 7
vary: Accept-Encoding
last-modified: Wed, 10 Feb 2021 18:48:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"210f-1778d464668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 60ms
42ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.44.0&Q_CLIENTTYPE=web

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77356
cf-polished: origSize=3553
cf-ray: 6b09ef308817694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 10 Feb 2021 18:48:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"de1-1778d464668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 PopOverModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 9 KB
4 KB 46ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/PopOverModule.js?Q_CLIENTVERSION=1.44.0&Q_CLIENTTYPE=web

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77356
cf-polished: origSize=10441
cf-ray: 6b09ef308818694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 6
vary: Accept-Encoding
last-modified: Wed, 10 Feb 2021 18:48:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"28c9-1778d464668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 PopUpModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 4 KB
2 KB 58ms
40ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/PopUpModule.js?Q_CLIENTVERSION=1.44.0&Q_CLIENTTYPE=web

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77356
cf-polished: origSize=4653
cf-ray: 6b09ef30881c694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 10 Feb 2021 18:48:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"122d-1778d464668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 63ms
28ms Image
image/png 184.30.20.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3yKp2nFO4GPtXrD

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-101.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 184
date: Fri, 19 Nov 2021 13:55:07 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time: 36
content-disposition: inline; filename=Feedback+tab+small
content-length: 1595
x-request-id: 9e381831-8b62-4ca0-84ef-1e06c5d9993e
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: "a97234fecb8fb711964fd6941188e385"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 0283d9ad-de38-4860-bee7-f82c37175c9f
cache-control: public, max-age=53
x-robots-tag: noindex
expires: Fri, 19 Nov 2021 13:56:00 GMT

GET
H2 200 12.59a7acb124733d888c69.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 55 KB
17 KB 34ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.59a7acb124733d888c69.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fidelitysecure.duckdns.org

Requested by

Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=https%3A%2F%2Fdigital.fidelity.com%2Fprgw%2Fdigital%2Flogin%2Ffull-page%3FerrorCode%3Derror-tryagain%26AuthRedUrl%3Dhttps%253A%252F%252Foltx.fidelity.com%252Fftgw%252Ffbc%252Fofsummary%252FdefaultPage%26AuthOrigUrl%3Dhttps%253A%252F%252Fscs.fidelity.com%252Fcustomeronly%252Fportfolio.shtml&t=1613578539608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e65e5ab701115114072ff2c9e28b0a533c8d3cbe3eb541af8b9ede34f9f80c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130463
cf-polished: origSize=57365
cf-ray: 6b09ef30d8cc694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"e015-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H/1.1 200
OK HP Show response
cfa.fidelity.com/fp/ Frame 7191 19 KB
6 KB 15ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: fidelitysecure.duckdns.org
URL: http://fidelitysecure.duckdns.org/Fidelity/login.php?primarymember_id=66b1da8b1b77217cbb2b8a753

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6f024b85ed9eaf9e7d7c3e6fd342087f0e662e3ceee5cb7fe20472dd8f881623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5788
Keep-Alive: timeout=2, max=99

GET
H/1.1 200
OK check.js Show response
cfa.fidelity.com/fp/ Frame 7191 200 KB
28 KB 20ms
20ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/check.js?&pageid=99998&session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

00091ad18cb472adabe12b8213038fb47c01b64b0ce082115c459b39e488c5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 37009b10692389b9
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 98 KB
7 KB 272ms
272ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cvGJH8lmjxbKyln&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.59a7acb124733d888c69.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fidelitysecure.duckdns.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc1860e1a986f1bf4b789a3830d9c5cd68b95d1464a67c9c996da8f7c84eec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fidelitysecure.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://fidelitysecure.duckdns.org
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: ada74f8b80b62421
cf-ray: 6b09ef31197d694b-FRA

GET
H/1.1 200
OK check.js;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27 Show response
cfa.fidelity.com/fp/ Frame 8C4A 408 KB
75 KB 22ms
21ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/check.js;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jb=343924266a7167773f4c6b667578246873673d4c6966757a2462736275354368726f6f6526687b603f436a7a6f6d672732383936

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/tags.js?org_id=5h8i3ud8&session_id=D021478374785EC619A50956785409DA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

16e1c0aab44f0741090b6f9f5bd1fb4be9e9840469d4c7be0429755d8c402518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 08c7909705690b3c
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=97
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
cfa.fidelity.com/fp/ Frame 8C4A 81 B
475 B 37ms
12ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
cfa.fidelity.com/fp/ Frame 8C4A 81 B
475 B 38ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
cfa.fidelity.com/fp/ Frame 4AE0 19 KB
6 KB 15ms
14ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jb=343924266a7167773f4c6b667578246873673d4c6966757a2462736275354368726f6f6526687b603f436a7a6f6d672732383936

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e1e893beae29ab1b60716516cded630142c0ac420135854d5cdadaae3822e02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5789
Keep-Alive: timeout=2, max=99

GET
H/1.1 200
OK clear.png Show response
cfa.fidelity.com/fp/ Frame 8C4A 81 B
541 B 39ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 5h8i3ud8/08c7909705690b3cd021478374785ec619a50956785409da
Referer: http://fidelitysecure.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Last-Modified: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Etag: 415128cd209e42d08d532b8be396f5d0
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://fidelitysecure.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 18 Nov 2026 13:55:07 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 8C4A
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&k=2

0
387 B

13ms
12ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 323

GET
H/1.1 200
OK ls_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27 Show response
cfa.fidelity.com/fp/ Frame B3A4 82 KB
13 KB 15ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1fdf1a5d785d3ac7e7784b9384c633e2581f28795d9ba40c2f1958d88aff0624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
cfa.fidelity.com/fp/ Frame 8C4A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jb=3336246c736335333638603165383631613a6534663b64633b3b3063613133626462313331306e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27 Show response
h.online-metrix.net/fp/ Frame EEF8 95 KB
15 KB 47ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

fd7c7e0eaa0b2d58e925a98b2ef5a7adef86955a66ffe7369263ad5b7f90e777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
cfa.fidelity.com/fp/ Frame 8C4A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jd=353824266a64663f3138246266683f36643e336330303031616d3736393b396266626163663b306067353339373334246a6e746e3d383a33313d3a3338

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27 Show response
cfa.fidelity.com/fp/ Frame BB69 82 KB
13 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/top_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

33f29141965869b5947398b9676cb82fb5374ea70b6329ba961d841f1e09010d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
cfa.fidelity.com/fp/ Frame 8C4A 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&ja=3230343426246b3f322678353026643f313e303078393232322e61663d3936303078333230322e717a793f3878302466707a3d312c3936323224313230382c313630322c313038322e313438302c333030382c313638302e333a30302c382c30266d763d613a30306362616c63373566646e6466396d613a363931343738366239613561266f663f3626716b643d30362664683d687c7472273b4125324e253246666b64656e61767b73676b7572672c647d636b6466732c6d7a6725324e466964656e69747b2d30446c6d6f696e2c72687825334678726b6f6972796d6d6d6265725d6964273b463436603964613a60316a373732393761606a326238693735332666723d6a7c767225314925324427324e6669646d6c6b76717365637d72652e6477636b6666712c6f706f2532442470643d332678683f353066323869613662636462653339316037313037616732643b6264623a64362460683d356c65313862666531633a313361326d31656734376c31656638373a666934392662736f3d4c6b6e757a2e6871623f4b68726d6f652d3230393e26687167753d4c616e7578266873627735416a726d6565266c6a633534267472643f477c6325324e556e6b6e6d776e246563766870353430323164396332626d6332306d3663633d36303038306164333d373630336e6434373a38393431643e6563633a34646331346166626637323139313339346926703f726c7d67696e57666e637b685e66696c736521726c7565616c5d776b66646f75715f65656469695f726e697965725666616c736721706e7d656b6e5d69646f60675f6963726f6a61765c6e616c736d21706c7565696e5d79776b63697c696d675c66696c736529706e776f696e5f7b686f636b756176675664636c716d21706e7767616e5f726d616e72646179657a5e66616c71652172647765696c57766c615d70646179657a5e646364736521786c7567696c5f64677e636e76705666616e716529706c756f696c5d7b76675f7e69657765705e666364716721726475676b6c5f626176615666636e7b65266570333d62373330346039303b333a3164343534333b6363343d36333a3e6533326e65633662643934333f6724676e57633d7567626f6c57656a474e273a30312e38253230284d70656c4f4e2732324d53253032322630253238436a70676d69756529576562454c253038454e534e2d32304751253a30312e38253032204f706566474c2532324553273a32454c514425323247532d3230312630273038436872676d69756d2b576560436b7657676a4b69762732385765624f4c434c4f4c455f616e7374616c63656657637072637173253140253a3045585c5f606e6d6e645f65696e6d617a2533402d3032455a5c5f636d6e6f7a5f62756e6667705768616c6e5f666c6f637425314a2730304750545f646e6f69745f6264656c662d3342253a304558545d6672636f5d6665727c68253140253a3045585c5f716a6964657257746578747772655d646d6625314a25323247585c5f7465707477706d5f636f657072657371696f6c57607274612d33422730304d58545f7c657a767d72655f6b6f6d70726773736b676c5d72657c63253140253a3045585c5f7667707475726d5f66696c7665725d696c6b736d7c726f726b632d3342253a3055474a4b4954574558545f766578767d70675f64616c7467705f696e69736774706d786963253b422532304758545d7b504542273b422530324b40525f706972636e64656c5f7b68616465705f636d65726b6c672d33422730304745535f6d6c676f6d6e745f616e6465785d75696c7c273142273a304f47515f6e626f5f7a656c666d725f6d61706d6170273342273a324d4551577374636c646972645f6c65706b7e6174697e65732533402532324747515f766d787477706557666c6f697427314a2532304745535f74677874777a675d666e6761745d6e69666561722d3340273a304f455b5f74657876757267576a636c6457666c6d63742d3342253a304d475b5f746570747572655d68616e6e5d646c6d69745f6e6b6e6d6172253b422730384f4553577665727467785f637a7063795d67626a6761742d3342253a3055474a474c5f6b6f6c6f725d6275646e67705f64646f617627334a2532305f454045445f636f65707265737165645d7c677a74777a655f6371746b2533422d3232554d42474c57636f6d70706573716d665d746770747570675f6d7463253b422730385745424f4c5f636f6f7072677b7167645d7c65787677726d5f65746b3127314a2532305f4542474c5d636f6f78706773716d645f7667787c757265577331766b2533422d32305745404b49565755474245445f636d6f707a6573736d645d766d7874757a655f7333766325314a273030554d42474e5d63676d70726d7371676c5f746570747572655d7333766b5d7172656a2533402732385745424f4c5d666d6275675772656e6467726570576b6c666d2d33422730305f454247445f66677874685f7c65787475706525314a273030554d424b4b565f5f454247445f66677874685f7c65787475706525314a273030554d42474e5d647a61775f6a7564646d7273253b4225323055454245445d6e6f716d5f636d6c746d7874253b422730385745424349545f574742474e576e6d736757636f6c7665707425334a2530325f454247445f6d756c76695f667a637531342e676c5d6a3d38623035396363603e32383039343235356165633069356735366e3837603a343e6436353d3036672e77676c7e3d496e74676c2530384b6c632c2e77676e703d416e746564253032417269732d32304f70676e474e2d3032456c6f696e6724636b643d32&jb=313531266c73354f6d7a6b646c612730463d2e30253a302a55616e646f7f732532304c5425303833322e322d33422730305f696e363c2531402d3230783e342925323241707264675565604369742730463d33372e3b36273038284b485c4d4c253241253232646b6965273a304767616b6729253238436a70676d65253a4639362e322e34343e362c34372d3230516366697269253a4637313f2e3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 13:55:07 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
5h8i3ud8z4geip3rk35pkq5po53l7yi23j6bhucl08c7909705690b3cam1.e.aa.online-metrix.net/fp/ Frame 8C4A 81 B
438 B 55ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5h8i3ud8z4geip3rk35pkq5po53l7yi23j6bhucl08c7909705690b3cam1.e.aa.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=4DED500492C257344941D599C41B5767 Show response
cfa.fidelity.com/fp/ Frame 7191 35 B
557 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/ARF;CIS3SID=4DED500492C257344941D599C41B5767?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=37009b10692389b9&pageid=99998&sera_parametere=VUcNAQsDBlUAWwpQC1sADFJSAQYJUwUAVQ4CUQ0MUQ8KDgUCW1QBCFUAABVLSl9QXUdFREpHAnQTDnAWD31HCwNdQ1VVB1xVWE1BFgt9Rw5xBxUHfUcDAF5WQUdLHFF9FgByFQ4mF1RfBAELDlpRCwAECQkJBwZVBw0BCgAPB1gEBVUCXVYBAVMLUwQMAVYIAA4WXlYMUlULCgUDCAAACAMBCQIKWghSDx9YQAUJGgBWDgICX1VUBg8MUQNeDVBaVgcCCA4EUAAHX1ZSCAhXCAAFBgAIUlUWV1APAggKVgoVXlkNFFMXQF8ECwoBAFofW1wNFltfclhEVl9WHlsUBAoBFlJWEQx8X1dHSx5aAARHU0pvWgNdXFRYUVgeXBYEBAA%3D&count=0&max=0

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js?&pageid=99998&session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

28c96e355acf11ac1dddd472b2ec21a4d053db7c7861a515d413777d2a347d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=37009b10692389b9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 99 KB
31 KB 29ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

588683fcfb9b148f145a58b2e9c935a6ef3684b2942d2dbc49eac4fa5133094d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130463
cf-polished: origSize=102584
cf-ray: 6b09ef33dfea694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"190b8-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H/1.1 200
OK check.js Show response
cfa.fidelity.com/fp/ Frame 4AE0 200 KB
28 KB 19ms
19ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/check.js?&pageid=99998&session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

901717cf968fb990c41151e5f3be243a27725c249a2c5fa53eeef37f6611ddc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 08c7909705690b3c
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=95
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
cfa.fidelity.com/fp/ Frame B3A4 0
387 B 13ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jf=3336246c736035373a3036386566353636393734363c613a666e3565326a32333530643065346e

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 4.3f24d299e0044d5872df.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
905 B 41ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.3f24d299e0044d5872df.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

11fe7d5ae550735b14a986e7f9ea6a61f04965a55b2bc2d1a09c5352a2dcc31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130463
cf-polished: origSize=2539
cf-ray: 6b09ef347969694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"9eb-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.0a35fd27ba387ad30f65.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 35ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.0a35fd27ba387ad30f65.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5c6b0b5df929b352bc190dec76813ed7765edd16f4eb898eb2a1015daa026282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130463
cf-polished: origSize=29269
cf-ray: 6b09ef34796e694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7255-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 PopUpModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 4 KB
2 KB 34ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/PopUpModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129469
cf-polished: origSize=4652
cf-ray: 6b09ef34796f694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 29
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Nov 2021 17:52:58 GMT
server: cloudflare
etag: W/"122c-17ce6eebc90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 34ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129889
cf-polished: origSize=3552
cf-ray: 6b09ef347972694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"de0-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
3 KB 25ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a68d55d5edf25c0baea3cd150e155c1c64eadbdc52a44ec5f239b8f27e250c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129896
cf-polished: origSize=8462
cf-ray: 6b09ef347974694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"210e-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 PopOverModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 9 KB
3 KB 46ms
46ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/PopOverModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130457
cf-polished: origSize=10440
cf-ray: 6b09ef347976694b-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 7
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:58 GMT
server: cloudflare
x-powered-by: Express
etag: W/"28c8-17ce6eebc90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 115ms
96ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bmvqwK4G0RfqFHn&Version=6&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a169cc782012d9a5ece8cf798f618fdb59bcbd85da9576b80fd419399c1c225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fb76943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
273 B 93ms
75ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_bmvqwK4G0RfqFHn&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8446943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 117ms
99ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6tg8PWOi1frIFut&Version=3&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

053f6f7de2dc83b0efa801d03de4f0f1b15cc6c43146f2f97484ee7384e05f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34afea6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
270 B 95ms
77ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_6tg8PWOi1frIFut&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34aff16943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 123ms
105ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aWusZd3gjeTf5gq&Version=4&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62ca817b668e2e7fe40448059352566ecf10985548312f7a24a9c8b83fa3813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8176943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 289 B
272 B 128ms
111ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_eFBXElNuwIHb8W2&Version=1&Q_InterceptID=SI_aWusZd3gjeTf5gq&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b42c3e71681366cd6ec743a3bcc6d8f739f09415dc72875e539d98ff05cb35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34affb6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 119ms
101ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aYqf0yaiHxFK3tQ&Version=4&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84694d83725e88328f1e12e509d9fd4244bbf60162859af52dee3e89917a5dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fc56943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 289 B
270 B 117ms
100ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_eFBXElNuwIHb8W2&Version=1&Q_InterceptID=SI_aYqf0yaiHxFK3tQ&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b42c3e71681366cd6ec743a3bcc6d8f739f09415dc72875e539d98ff05cb35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fce6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 118ms
101ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_8lgMP25Ikgjv0we&Version=4&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc8721a1adc4924783894d6a7ffc53ec2b6a9f1d434f6105fe0bfe632de8eb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34afe56943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 289 B
281 B 120ms
103ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_eFBXElNuwIHb8W2&Version=1&Q_InterceptID=SI_8lgMP25Ikgjv0we&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b42c3e71681366cd6ec743a3bcc6d8f739f09415dc72875e539d98ff05cb35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8156943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 117ms
101ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0AsPpi6JZXIjgMZ&Version=62&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d554f075c4d2f34a9b816377bda9d82c571953a611ccf685e52a965d113b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34afe26943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 328 B
302 B 118ms
102ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0ia68TaWR1dbtn7&Version=4&Q_InterceptID=SI_0AsPpi6JZXIjgMZ&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1953b94ba034ab9ad857a51e0b28bb70b57a73a7fe51753d05df1cbdf0fb775b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34aff96943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 118ms
102ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_dgsx9hrWB3K6913&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b376e7247f7b6432d3bd4f87c3598250819e31dfac7b17fa11f14ad568c35be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fbc6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 298 B
278 B 112ms
97ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_bOXDLte5ExB3fcV&Version=1&Q_InterceptID=SI_dgsx9hrWB3K6913&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17ea77190820fb8045de841be49d7ca27100343608eddfc073513d676d932b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fc86943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 111ms
96ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6JrOieTJRaQjNt3&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80215e4d119951a2bdbb49d39524be4f7c8af7daeb0cd692ab70a90c9691889a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fc46943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 295 B
765 B 89ms
74ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9tyxYsdHImRttqd&Version=1&Q_InterceptID=SI_6JrOieTJRaQjNt3&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f544d59c46dc9e521b38e634b51cbdfc4c010e92aa2bb00a75b31681859873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 25
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fde6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 119ms
104ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aavOQmPi2QSZKE5&Version=3&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c057703e7565118ba2084013ce7b26196eb48eb1103925bc9f703b2b251fbbb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34aff26943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 304 B
281 B 95ms
80ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9zBaZSEe4Cd5tiJ&Version=1&Q_InterceptID=SI_aavOQmPi2QSZKE5&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8c79033d6f51d9221602443e34d42e174fd3d9fedd49be51747a5217ac01d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8036943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 108ms
93ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9slyRRmuwUZ9tfT&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb55d122ba0e3370c1d5c52c60f16db655f997c045402c2e52187615ce580477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fd36943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
272 B 113ms
99ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_9slyRRmuwUZ9tfT&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fbe6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
934 B 115ms
100ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9NSjltynMtHhMFf&Version=1&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b4a6124675203780f1883d16d012e98448f6dceec35da99e980c073fcf1e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34aff66943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1009 B 112ms
98ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_9NSjltynMtHhMFf&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fda6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 126ms
112ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6KILeGGAuPslJ7n&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07bd958925ada74f41859021ac752ddc2c7da287a426e8e5ebf8ae3d3073abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a81d6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
272 B 119ms
105ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_6KILeGGAuPslJ7n&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8006943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 112ms
98ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_20upoDg7GIYGuyh&Version=3&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459da4c8a9f2a70da8e894d10a363dea41b4d4cdb435af95186da4031da26464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fcd6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
279 B 122ms
108ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_20upoDg7GIYGuyh&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8226943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 123ms
109ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aYq2S2L9WYVHefz&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06938dd593b945d6da6fe382a54eb2f8798be00d2f67281c8c16529a35bf9193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a81f6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
281 B 117ms
104ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_aYq2S2L9WYVHefz&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8126943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 113ms
100ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9YUbswnCF6g4k05&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2451f78cdf73cb2817ec2a124bc1a77b9c7100f5c30bdb521b824a83677c83a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 19
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fd76943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
281 B 116ms
103ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_9YUbswnCF6g4k05&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8026943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 116ms
103ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0qryPRAlBXczdTD&Version=6&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b2502073850d32d0771c4f2c5c405d7855e61fad3719bd4efc12687523e3402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 17
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34aff46943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
270 B 118ms
106ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_0qryPRAlBXczdTD&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fd26943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 125ms
113ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0vaYdwthIHVvh6R&Version=11&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef8b37a63474996a7a2a5f1b20464bdcfda70740b292737fd1369a4c814b155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fc16943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1018 B 105ms
93ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_0vaYdwthIHVvh6R&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef349fc26943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 117ms
105ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_5ndFaivuSQRQAmh&Version=6&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8596f3beb992852b9e2f1bf8bb2460a8b416637203316575786f7efbf9894829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 12
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8196943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 290 B
290 B 119ms
107ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_5ndFaivuSQRQAmh&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a83b6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 124ms
112ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_2oDT1dKLOgeFIGN&Version=2&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0efcff5e42f48dc59be55debd3f3debb3258a7c37b7d71bb22adb50ab10b450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a83e6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1008 B 120ms
109ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_2oDT1dKLOgeFIGN&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8386943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 126ms
115ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bw1hblXpnxk5GYZ&Version=9&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e72d30c589782e1029538ee2906d6c5f28f30f877e49e617002a16a434a7d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 22
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a82a6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 123ms
112ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_bw1hblXpnxk5GYZ&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8336943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 120ms
109ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eUPgeLMEq5Uop2B&Version=7&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac61e050d5eb05f5b913840d0d65423757b34191c2dd41f434f4256dc54aa86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8266943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1008 B 124ms
114ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_eUPgeLMEq5Uop2B&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a82c6943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 122ms
111ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bgaRAZcFBOJ6zwV&Version=9&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75130c88fd45f06e63bc933339fde630f4d3aa270150e5f07ebc0934f1c98295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 12
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8356943-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1012 B 89ms
79ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_bgaRAZcFBOJ6zwV&Q_ORIGIN=http://fidelitysecure.duckdns.org&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 13:50:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 17 Nov 2031 13:50:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b09ef34a8306943-FRA
servershortname

GET
H/1.1 200
OK ARF;CIS3SID=5E72CD6C17E987BF4F54835675FA4E60 Show response
cfa.fidelity.com/fp/ Frame 4AE0 35 B
557 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/ARF;CIS3SID=5E72CD6C17E987BF4F54835675FA4E60?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&pageid=99998&sera_parametere=VkheBFoDDVNRBVIMBVMEUFNZWgJYUQEAAwAEWgNTBlACXVdUXAFfDgkDDh9DEQ4KXkgWQ0oVCnMVAnQcByYWUQBSEFJVVVRSXkFFHAMmFlRyCEYAfRULB1haRU1DRwAnFQ8hEg50H1NZCAUBBgEAUQMLWg4JVQ5SAQEFAAhUVgIHCgYFXQQJBlUHVw4EWgdSAwFFWVZeWlINBQ5aB1sDWgcIVgEAAFsEUxNcSg1SSwFWWQUOXVQNU1IFAw5WBgRSBggBUw4HW1NSAAJdAFEAVARaBQIPAQERUVwLCABRB1AWUQoKFAEfR1kIDwAJWwtFWFNeEVsNel9CWltcFgBFXgkORVVWQwR7WVtDQRYBUV5EXBloWlFVW1JUVVIWB0deBgw%3D&count=0&max=0

Requested by

Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js?&pageid=99998&session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e6cb9d5e676a9bf250585ca83d7a1e1514f458ebd2ef932e43edbd60d5180d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cfa.fidelity.com/fp/HP?session_id=d021478374785ec619a50956785409da&org_id=5h8i3ud8&nonce=08c7909705690b3c&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=94
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 28ms
28ms Image
image/png 184.30.20.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3yKp2nFO4GPtXrD

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-101.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 184
date: Fri, 19 Nov 2021 13:55:07 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time: 36
content-disposition: inline; filename=Feedback+tab+small
content-length: 1595
x-request-id: 9e381831-8b62-4ca0-84ef-1e06c5d9993e
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: "a97234fecb8fb711964fd6941188e385"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 0283d9ad-de38-4860-bee7-f82c37175c9f
cache-control: public, max-age=53
x-robots-tag: noindex
expires: Fri, 19 Nov 2021 13:56:00 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
224 B 143ms
143ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_0ia68TaWR1dbtn7&Q_SIID=SI_0AsPpi6JZXIjgMZ&Q_ASID=AS_0AqVa5fIQp7ktXT&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&r=1637330107804

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=fmrpi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fidelitysecure.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Nov 2021 13:55:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 45
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://fidelitysecure.duckdns.org
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 005717bf6b73be26
cf-ray: 6b09ef35cb596943-FRA

GET
H/1.1 204
No Content clear.png Show response
cfa.fidelity.com/fp/ Frame 8C4A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jac=1&je=313135262672653f6c6f246a617471763d73226c657e656e2032312e30382c227374637475712a3820636a6972676b6c672a7d26617d646a3f6b61376231653665363a3163616961346630693763333b32313336333c3660376b33313731366234643a64643630343230313066653664303b6663643034373b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 13:55:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27 Show response
cfa.fidelity.com/fp/ Frame 8C4A 0
219 B 48ms
16ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.fidelity.com/fp/clear3.png;CIS3SID=6C67879F6EADD7E3540755F12CE6FE27?org_id=5h8i3ud8&session_id=d021478374785ec619a50956785409da&nonce=08c7909705690b3c&jac=1&je=null

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fidelitysecure.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 13:55:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fidelity (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fidelitysecure.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 06e236140743a4212fd0183a474a1fb1
cfa.fidelity.com/	1970-01-21 18:00:50	Name: thx_guid Value: 5cf3d7c44a504057832bae5373e52427
cfa.fidelity.com/	1970-01-21 18:00:50	Name: tmx_guid Value: ABCtdRtqa-pI14aioBv3oz24nZXPTJHZOS0SC3ynnJDk0dVUqiOCuUwVVFtHtxIQ7JwzCo_RcihdlknTwzEO5SVajISIYKy5FuE
h.online-metrix.net/	1970-01-21 18:00:50	Name: thx_global_guid Value: 605f4263ea444adca6726b4afb6cd623

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://fidelitysecure.duckdns.org/staticweb/45299d6b9a0ti190698a987b283a4a6e7 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5h8i3ud8z4geip3rk35pkq5po53l7yi23j6bhucl08c7909705690b3cam1.e.aa.online-metrix.net
assets.fidelity.com
cfa.fidelity.com
fidelitysecure.duckdns.org
h.online-metrix.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
104.17.208.240
147.182.232.99
184.30.20.101
184.86.251.7
91.235.132.130
91.235.133.67
91.235.134.131
00091ad18cb472adabe12b8213038fb47c01b64b0ce082115c459b39e488c5c3
053f6f7de2dc83b0efa801d03de4f0f1b15cc6c43146f2f97484ee7384e05f21
06938dd593b945d6da6fe382a54eb2f8798be00d2f67281c8c16529a35bf9193
0b2502073850d32d0771c4f2c5c405d7855e61fad3719bd4efc12687523e3402
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
11fe7d5ae550735b14a986e7f9ea6a61f04965a55b2bc2d1a09c5352a2dcc31f
16e1c0aab44f0741090b6f9f5bd1fb4be9e9840469d4c7be0429755d8c402518
170c22b59d68deed748cc0b577f49a828d751cb5b201fabee8f5b2eb515d4998
1953b94ba034ab9ad857a51e0b28bb70b57a73a7fe51753d05df1cbdf0fb775b
1ef8b37a63474996a7a2a5f1b20464bdcfda70740b292737fd1369a4c814b155
1fdf1a5d785d3ac7e7784b9384c633e2581f28795d9ba40c2f1958d88aff0624
2451f78cdf73cb2817ec2a124bc1a77b9c7100f5c30bdb521b824a83677c83a0
261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0
28c96e355acf11ac1dddd472b2ec21a4d053db7c7861a515d413777d2a347d50
28fe12d33e400e7cba922a6b703ac7afb4eb6a7e2f453d09e5c2c55c68030ab2
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
33f29141965869b5947398b9676cb82fb5374ea70b6329ba961d841f1e09010d
33f544d59c46dc9e521b38e634b51cbdfc4c010e92aa2bb00a75b31681859873
39aac9dc37e49220013d6bfda6483629e9658764582168758db8cf4426b25db0
3a8c79033d6f51d9221602443e34d42e174fd3d9fedd49be51747a5217ac01d7
459da4c8a9f2a70da8e894d10a363dea41b4d4cdb435af95186da4031da26464
54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
588683fcfb9b148f145a58b2e9c935a6ef3684b2942d2dbc49eac4fa5133094d
5c6b0b5df929b352bc190dec76813ed7765edd16f4eb898eb2a1015daa026282
67c80d56758cda1bb5bec77917aaf74c32006a0bc09a7dd164c556de2c754487
6b2ced9a0548a82ecb57df60ab6d1ca8ac7e7584f64f2b9e64cbf4ad0c3483a4
6e72d30c589782e1029538ee2906d6c5f28f30f877e49e617002a16a434a7d6b
6f024b85ed9eaf9e7d7c3e6fd342087f0e662e3ceee5cb7fe20472dd8f881623
75130c88fd45f06e63bc933339fde630f4d3aa270150e5f07ebc0934f1c98295
7a407e54294c6ef2fe14317f6653ff26f73749e20d8c8e53a4016f822a5024fe
7aa0292c8b5387df9165be7dec812d4636f0848f97093801e7c0d2d89d0ce62b
80215e4d119951a2bdbb49d39524be4f7c8af7daeb0cd692ab70a90c9691889a
84694d83725e88328f1e12e509d9fd4244bbf60162859af52dee3e89917a5dd2
8596f3beb992852b9e2f1bf8bb2460a8b416637203316575786f7efbf9894829
8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384
901717cf968fb990c41151e5f3be243a27725c249a2c5fa53eeef37f6611ddc8
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9a169cc782012d9a5ece8cf798f618fdb59bcbd85da9576b80fd419399c1c225
9b42c3e71681366cd6ec743a3bcc6d8f739f09415dc72875e539d98ff05cb35c
9d2c022ab32baeb79d0fd1e7cfbb0efd41ba112e22b006cbb3fd39fcea8716ae
9dc1860e1a986f1bf4b789a3830d9c5cd68b95d1464a67c9c996da8f7c84eec1
a68d55d5edf25c0baea3cd150e155c1c64eadbdc52a44ec5f239b8f27e250c8e
b376e7247f7b6432d3bd4f87c3598250819e31dfac7b17fa11f14ad568c35be1
c057703e7565118ba2084013ce7b26196eb48eb1103925bc9f703b2b251fbbb7
cc8721a1adc4924783894d6a7ffc53ec2b6a9f1d434f6105fe0bfe632de8eb2b
d17ea77190820fb8045de841be49d7ca27100343608eddfc073513d676d932b3
d62ca817b668e2e7fe40448059352566ecf10985548312f7a24a9c8b83fa3813
d6dc80a145e5abd531738f66c8c38e48aa38205440f14772046df37e5605323a
e07bd958925ada74f41859021ac752ddc2c7da287a426e8e5ebf8ae3d3073abe
e0efcff5e42f48dc59be55debd3f3debb3258a7c37b7d71bb22adb50ab10b450
e10d554f075c4d2f34a9b816377bda9d82c571953a611ccf685e52a965d113b4
e1e893beae29ab1b60716516cded630142c0ac420135854d5cdadaae3822e02d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65e5ab701115114072ff2c9e28b0a533c8d3cbe3eb541af8b9ede34f9f80c6f
e6cb9d5e676a9bf250585ca83d7a1e1514f458ebd2ef932e43edbd60d5180d53
eb55d122ba0e3370c1d5c52c60f16db655f997c045402c2e52187615ce580477
ed45b866ae2d245825fdb7ddab7c553586a5feb1598f6fd4e916f0bdd4a5ca85
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f6b4a6124675203780f1883d16d012e98448f6dceec35da99e980c073fcf1e71
fac61e050d5eb05f5b913840d0d65423757b34191c2dd41f434f4256dc54aa86
fd7c7e0eaa0b2d58e925a98b2ef5a7adef86955a66ffe7369263ad5b7f90e777

fidelitysecure.duckdns.org Open in urlscan Pro 147.182.232.99 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

89 Requests

96 %HTTPS

0 %IPv6

4 Domains

8 Subdomains

8 IPs

3 Countries

519 kBTransfer

1891 kBSize

4 Cookies

16 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

fidelitysecure.duckdns.org Open in urlscan Pro
147.182.232.99 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

8
IPs

3
Countries

519 kB
Transfer

1891 kB
Size

4
Cookies

89 HTTP transactions
4 data transactions